app.kriptomat.io Open in urlscan Pro
2606:4700:10::ac43:9f7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.kriptomat.io/
Submission: On December 28 via api (December 28th 2022, 1:08:08 am UTC) from US — Scanned from DE

Summary HTTP 125 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 47 IPs in 7 countries across 31 domains to perform 125 HTTP transactions. The main IP is 2606:4700:10::ac43:9f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.kriptomat.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 5th 2022. Valid for: a year.

This is the only time app.kriptomat.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:10:... 2606:4700:10::ac43:9f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
1	104.16.204.229 104.16.204.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
1	99.86.240.11 99.86.240.11	16509 (AMAZON-02) (AMAZON-02)
1 4	2600:9000:211... 2600:9000:211a:8000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:219... 2600:9000:2190:4800:11:9cfd:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:ce1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:c... 2600:1901:0:c901::	15169 (GOOGLE) (GOOGLE)
1	99.86.4.101 99.86.4.101	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.11.199 13.32.11.199	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.215.65 143.204.215.65	16509 (AMAZON-02) (AMAZON-02)
10 14	2a05:d018:cc3... 2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622	16509 (AMAZON-02) (AMAZON-02)
4	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
1	54.200.194.178 54.200.194.178	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	3.64.108.88 3.64.108.88	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.73.160.208 54.73.160.208	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:402... 2a00:1450:4025:401::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1	35.232.130.7 35.232.130.7	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.84.106.92 52.84.106.92	16509 (AMAZON-02) (AMAZON-02)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 6	2606:4700:20:... 2606:4700:20::681a:b92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.129.162 34.120.129.162	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	13.32.110.21 13.32.110.21	16509 (AMAZON-02) (AMAZON-02)
3	3.93.95.179 3.93.95.179	14618 (AMAZON-AES) (AMAZON-AES)
2	3.33.152.127 3.33.152.127	16509 (AMAZON-02) (AMAZON-02)
125	47

18 2606:4700:10::ac43:9f7 (United States)

ASN13335 (CLOUDFLARENET, US)

app.kriptomat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.kriptomat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.204.229 (None, )

ASN13335 (CLOUDFLARENET, US)

gateway.ixopay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-11.vie50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:211a:8000:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:4800:11:9cfd:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:ce1 (United States)

ASN13335 (CLOUDFLARENET, US)

api.kriptomat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:c901:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.sardine.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-101.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.11.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-11-199.vie50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622 (Dublin, Ireland) 10 redirects

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.200.194.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-194-178.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.108.88 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-108-88.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.83.142.19 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.160.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-160-208.eu-west-1.compute.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.232.130.7 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 7.130.232.35.bc.googleusercontent.com

p.sardine.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.106.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-106-92.bud50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:b92 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

code.gist.build	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
renderer.gist.build	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.129.162 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.129.120.34.bc.googleusercontent.com

track-eu.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.110.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-21.vie50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.93.95.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-95-179.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.152.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: a69d63ecdf0f33068.awsglobalaccelerator.com

downloads.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	kriptomat.io app.kriptomat.io api.kriptomat.io	2 MB
19	adroll.com 11 redirects s.adroll.com — Cisco Umbrella Rank: 3334 d.adroll.com — Cisco Umbrella Rank: 2169 ipv4.d.adroll.com — Cisco Umbrella Rank: 12461	32 KB
9	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 7508 downloads.intercomcdn.com — Cisco Umbrella Rank: 27705	577 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1536 j.clarity.ms — Cisco Umbrella Rank: 11923 c.clarity.ms — Cisco Umbrella Rank: 2283	22 KB
8	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 7629 identity.mparticle.com — Cisco Umbrella Rank: 2329 jssdks.mparticle.com — Cisco Umbrella Rank: 7042	62 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	416 KB
6	gist.build 2 redirects code.gist.build — Cisco Umbrella Rank: 217098 renderer.gist.build — Cisco Umbrella Rank: 229955	548 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103 region1.google-analytics.com — Cisco Umbrella Rank: 2124	20 KB
6	google.com www.google.com — Cisco Umbrella Rank: 16	23 KB
5	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 321 stats.g.doubleclick.net — Cisco Umbrella Rank: 179	1 KB
5	sardine.ai api.sardine.ai — Cisco Umbrella Rank: 97389 p.sardine.ai — Cisco Umbrella Rank: 227418	76 KB
4	intercom.io widget.intercom.io — Cisco Umbrella Rank: 5280 api-iam.intercom.io — Cisco Umbrella Rank: 5223	11 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 619 c.bing.com — Cisco Umbrella Rank: 444	14 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3658	715 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	234 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	132 KB
3	customer.io assets.customer.io — Cisco Umbrella Rank: 40681 track-eu.customer.io — Cisco Umbrella Rank: 274344	4 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1181 vars.hotjar.com — Cisco Umbrella Rank: 1235	74 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	168 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 318	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	874 B
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4606 api2.amplitude.com — Cisco Umbrella Rank: 1818	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	2 KB
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 497	140 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1388	90 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1316	493 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 923	145 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 698	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 452	239 B
1	ixopay.com gateway.ixopay.com — Cisco Umbrella Rank: 609893	59 KB
125	31

	Domain	Requested by
15	app.kriptomat.io	app.kriptomat.io
14	d.adroll.com	10 redirects s.adroll.com app.kriptomat.io
7	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com
6	www.google.com	app.kriptomat.io www.gstatic.com www.google.com
6	api.kriptomat.io	app.kriptomat.io
5	code.gist.build	1 redirects code.gist.build
5	jssdks.mparticle.com	jssdkcdns.mparticle.com
5	www.google-analytics.com	jssdkcdns.mparticle.com www.google-analytics.com app.kriptomat.io
4	j.clarity.ms	www.clarity.ms
4	www.gstatic.com	www.google.com www.gstatic.com
4	api.sardine.ai	app.kriptomat.io api.sardine.ai
4	s.adroll.com	1 redirects app.kriptomat.io s.adroll.com
3	api-iam.intercom.io	js.intercomcdn.com
3	www.google.de	app.kriptomat.io
3	stats.g.doubleclick.net	www.google-analytics.com
3	www.facebook.com	app.kriptomat.io
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	bat.bing.com	jssdkcdns.mparticle.com bat.bing.com app.kriptomat.io
3	connect.facebook.net	jssdkcdns.mparticle.com connect.facebook.net
3	www.clarity.ms	app.kriptomat.io www.clarity.ms bat.bing.com
3	www.googletagmanager.com	app.kriptomat.io www.googletagmanager.com
2	downloads.intercomcdn.com	js.intercomcdn.com
2	c.clarity.ms	1 redirects
2	ib.adnxs.com	1 redirects app.kriptomat.io
2	dsum-sec.casalemedia.com	1 redirects app.kriptomat.io
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects app.kriptomat.io
2	identity.mparticle.com	jssdkcdns.mparticle.com
2	assets.customer.io	app.kriptomat.io assets.customer.io
2	fonts.googleapis.com	app.kriptomat.io
1	renderer.gist.build	1 redirects
1	track-eu.customer.io
1	c.bing.com	1 redirects
1	widget.intercom.io	app.kriptomat.io
1	p.sardine.ai	app.kriptomat.io
1	region1.google-analytics.com	www.googletagmanager.com
1	ipv4.d.adroll.com	app.kriptomat.io
1	eb2.3lift.com	app.kriptomat.io
1	sync.taboola.com	app.kriptomat.io
1	image2.pubmatic.com	app.kriptomat.io
1	sync.outbrain.com	app.kriptomat.io
1	us-u.openx.net	app.kriptomat.io
1	pixel.rubiconproject.com	app.kriptomat.io
1	api2.amplitude.com	cdn.amplitude.com
1	vars.hotjar.com	static.hotjar.com
1	cdn.amplitude.com	jssdkcdns.mparticle.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	app.kriptomat.io
1	jssdkcdns.mparticle.com	app.kriptomat.io
1	gateway.ixopay.com	app.kriptomat.io
125	50

This site contains links to these domains. Also see Links.

Domain
kriptomat.io
help.kriptomat.io

Subject Issuer	Validity	Valid
kriptomat.io Cloudflare Inc ECC CA-3	`2022-05-05` - `2023-05-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
jssdkcdns.mparticle.com R3	`2022-12-22` - `2023-03-22`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
*.customer.io Amazon	`2022-11-19` - `2023-12-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
api.sardine.ai GTS CA 1D4	`2022-12-27` - `2023-03-27`	3 months	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2022-07-09` - `2023-07-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-06` - `2023-01-04`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
jssdks.mparticle.com R3	`2022-12-22` - `2023-03-22`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
p.sardine.ai GlobalSign RSA OV SSL CA 2018	`2022-06-16` - `2023-07-18`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
track-eu.customer.io GTS CA 1D4	`2022-11-07` - `2023-02-05`	3 months	crt.sh
gist.build Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
intercom-attachments-10.com Amazon	`2022-08-08` - `2023-09-06`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://app.kriptomat.io/
Frame ID: D52B38E4B266281E746D450DF3F0779C
Requests: 95 HTTP requests in this frame

Frame: https://api.sardine.ai/assets/collector.min.c2dd9f3.html?r=2022-11-30-c2dd9f3
Frame ID: 1373F4362954859EA545444242CFD2BA
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 86D4C081C0371EF455F4B4624921F54D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVAfwUAAAAAD5mrd1bndx4bMa13XVUSzt7vMGp&co=aHR0cHM6Ly9hcHAua3JpcHRvbWF0LmlvOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=bottomleft&cb=6xxutxgrgsn4
Frame ID: 24FEABB2A989994E91CE2BAA779690B3
Requests: 7 HTTP requests in this frame

Frame: https://code.gist.build/renderer/0.0.17/index.html
Frame ID: DD47D3161D27FC2A48FBCE09923C5B20
Requests: 3 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.84f2c4dc.js
Frame ID: D96C68C6E18A8C86167B4BD3E2CA0196
Requests: 10 HTTP requests in this frame

Frame: https://downloads.intercomcdn.com/i/o/303615/ba684b193c14782707b153c3/9384998c5d2600942b5e36cb73b9d50a.jpg
Frame ID: 29D10A33F0F3ABE0CDB60AC6A036D444
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kriptomat

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

125
Requests

89 %
HTTPS

47 %
IPv6

31
Domains

50
Subdomains

47
IPs

7
Countries

4010 kB
Transfer

12738 kB
Size

45
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://kriptomat.io/
Title: Home

Search URL Search Domain Scan URL

URL: https://kriptomat.io/legal-and-security
Title: Legal & privacy policy

Search URL Search Domain Scan URL

URL: https://help.kriptomat.io/en/
Title: Need help?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://s.adroll.com/j/exp/V7D4JNFLCZECZIFZ4UKSD7/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 67

https://d.adroll.com/cm/b/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk

Request Chain 68

https://d.adroll.com/cm/g/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=Td-bgeSP9zBX6V7xKW0OOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=Td-bgeSP9zBX6V7xKW0OOQ&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 69

https://d.adroll.com/cm/index/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&expiration=1703725683 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&expiration=1703725683&C=1

Request Chain 70

https://d.adroll.com/cm/n/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&expires=365

Request Chain 71

https://d.adroll.com/cm/o/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=4ddf9b81e48ff73057e95ef1296d0e39&gdpr=1&gdpr_consent=

Request Chain 72

https://d.adroll.com/cm/outbrain/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7 HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&gdpr=1&gdpr_consent=

Request Chain 73

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 74

https://d.adroll.com/cm/taboola/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7 HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk

Request Chain 75

https://d.adroll.com/cm/triplelift/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7 HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&dongle=c85e

Request Chain 76

https://d.adroll.com/cm/x/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7 HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk

Request Chain 101

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=C967E138C2E249EABC5E092F64AFA2F2&RedC=c.clarity.ms&MXFR=3C6C265146D26C92129234D942D2629F HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=C967E138C2E249EABC5E092F64AFA2F2&MUID=3C4735BC32F068242519273433226923

Request Chain 102

https://code.gist.build/web/stable/gist.min.js HTTP 302
https://code.gist.build/web/2.12.0/gist.min.js

Request Chain 104

https://renderer.gist.build/1.0/index.html HTTP 302
https://code.gist.build/renderer/0.0.17/index.html

125 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
app.kriptomat.io/ 7 KB
3 KB 83ms
34ms Document
text/html 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kriptomat.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd715da232d93d90a74dad8232de2b6ccb87571bde67e6e634e189205f0657ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER
access-control-allow-methods: *
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78066709ad07927f-FRA
content-encoding: gzip
content-type: text/html
date: Wed, 28 Dec 2022 01:08:02 GMT
last-modified: Fri, 23 Dec 2022 10:43:13 GMT
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 189ms
71ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500,700&display=swap&subset=cyrillic,latin-ext

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a33970a7ec995d405b6ed74dd2b4f9cc72df287c7ebac1eb7efc9a4b18069927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Dec 2022 01:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 01:08:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Dec 2022 01:08:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
632 B 189ms
72ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Mono:400,500&display=swap

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18659243781424a608f268a975a7eaf46edde6173b6fa027275717e0c9d528db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Dec 2022 01:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 01:08:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Dec 2022 01:08:02 GMT

GET
H2 200 payment.1.3.min.js Show response
gateway.ixopay.com/js/integrated/ 158 KB
59 KB 54ms
18ms Script
application/x-javascript 104.16.204.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway.ixopay.com/js/integrated/payment.1.3.min.js

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.204.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56763ce6107368c593b99329393e20b4986c86b98e1b027b3699c3caac197294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 27 Dec 2022 10:01:37 GMT
server: cloudflare
cf-cache-status: HIT
age: 1441
etag: W/"63aac281-2764b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
x-server: pay-prod-web-esh-02
cf-ray: 7806670a3aba2bdc-FRA
expires: Wed, 28 Dec 2022 05:08:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 191ms
72ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-112514287-1

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed05e2f73f56d30b6806224942048206bb12f437768bfe286a98716f28f5cb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43576
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Dec 2022 01:08:02 GMT

GET
H3 200 chunk-vendors.c8a6e5f8.js Show response
app.kriptomat.io/js/ 3 MB
1 MB 33ms
32ms Script
application/javascript 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kriptomat.io/js/chunk-vendors.c8a6e5f8.js

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1754748fd1f1fa7cfabfe2fbe0d16d55094cb04146fa858cd6a431ad22810e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1441
cf-polished: origSize=3579453
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 23 Dec 2022 10:43:12 GMT
server: cloudflare
etag: W/"63a58640-369e3d"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 7806670b3a98bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H3 200 app.702d0b75.js Show response
app.kriptomat.io/js/ 1 MB
255 KB 71ms
71ms Script
application/javascript 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kriptomat.io/js/app.702d0b75.js

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a7eecafc617b13f7c9157bd1b10bbda1885dc007818b0d067bec075d07eab4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1441
cf-polished: origSize=1286727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 23 Dec 2022 10:43:12 GMT
server: cloudflare
etag: W/"63a58640-13a247"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 7806670b7ad9bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H2 200 chunk-vendors.cfc93fdc.css
app.kriptomat.io/css/ 50 KB
9 KB 31ms
28ms Stylesheet
text/css 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kriptomat.io/css/chunk-vendors.cfc93fdc.css

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b059d06f8e3489d45f52e9051b1d6ec3dd3d2f60329c07fea4282afc9e40e375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3061
cf-polished: origSize=50806
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 23 Dec 2022 10:43:12 GMT
server: cloudflare
etag: W/"63a58640-c676"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 78066709fd59927f-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H2 200 app.b3d1a67f.css
app.kriptomat.io/css/ 357 KB
58 KB 36ms
34ms Stylesheet
text/css 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kriptomat.io/css/app.b3d1a67f.css

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6866371b2a6b90fc98b9cc24770e4286cf3ab9cb1d2031dfb397e90f22b9f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 23 Dec 2022 10:43:12 GMT
server: cloudflare
etag: W/"63a58640-59164"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 78066709fd5b927f-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H2 200 e9k0c5b4ug Show response
www.clarity.ms/tag/ 675 B
1 KB 221ms
98ms Script
application/x-javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/e9k0c5b4ug
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5108d26e63e89c83d7636f6f80700ae64aab58fd781deba0cbf2f31352be16fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 28 Dec 2022 01:08:01 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 08parYwAAAABA4U/HjpgaToZJFahEfxDwRFVTMzBFREdFMDYxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/ 265 KB
61 KB 159ms
110ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: d597defd381012a8d136bd0b552f2463ad9f8bb648622dd522b6f96265f3ad16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000141-IAD, cache-hhn-etou8220049-HHN
date: Wed, 28 Dec 2022 01:08:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
server: Kestrel
age: 197
x-timer: S1672189683.520143,VS0,VE104
x-origin-name: fastlyshield--shield_ssl_cache_iad_kiad7000141_IAD
x-cache: HIT, MISS
content-type: application/javascript
vary: Accept, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 62460
x-cache-hits: 3, 0

GET
H2 200 hotjar-2571225.js Show response
static.hotjar.com/c/ 13 KB
5 KB 195ms
72ms Script
application/javascript 99.86.240.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2571225.js?sv=6

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-11.vie50.r.cloudfront.net

Software

Resource Hash

c52db0c951b288ebc1a4d26f52a202a6f72b7d1c080b044c0d239be29d4134c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 01:08:02 GMT
via: 1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/9027127e30660c4ac8e2dd80e5724e4f
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: DdoHroK2hp4p2zXmMAhVcSUHmgztxMheXaBJWq7CZfPl3yR4JsWulg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 131 KB
50 KB 214ms
136ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K735JVZ

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6e53eab13384144031ae9fff7c5666badde9d2b4676b8b44d7254cbe6f390b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51036
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Dec 2022 01:08:02 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/V7D4JNFLCZECZIFZ4UKSD7/ 58 KB
19 KB 117ms
18ms Script
text/javascript 2600:9000:211a:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/V7D4JNFLCZECZIFZ4UKSD7/roundtrip.js
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c87023fcde546904361f333151a1e6fbd5cce2ebb1c324c21768b5cea519aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Amz-Version-Id: bkPJG0E5c8s_ZU0LYCaL1VkmXGH1MmEB
Content-Encoding: gzip
Via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
Date: Wed, 28 Dec 2022 00:57:28 GMT
Age: 1248
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 03:58:53 GMT
Server: AmazonS3
Etag: W/"238dfa0ff3c9d5c3fefb07251da96698"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: gQKvAN6OO0V0yqiYjTCCVw6I6jUCSfxxcO1nG2VCOgyFA8kRBg_aow==

GET
H2 200 track-eu.js Show response
assets.customer.io/assets/ 6 KB
3 KB 71ms
15ms Script
application/javascript 2600:9000:2190:4800:11:9cfd:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/track-eu.js
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4800:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f25533614e2109c3b84c0e40cb715840772537fbeb6190e7587e8f509466e10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 23:25:29 GMT
content-encoding: gzip
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 19:01:34 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 6155
etag: W/"e439ec355ab6493ab1f18d8b26a8d1db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: mmg9B4UdLMpT7m22kw8GABqqK-jiloMbE6hK5KqI02oaI6mfw9jS7A==

OPTIONS
H2 204 maintenance
api.kriptomat.io/api/v1/apps/web/ Frame 0
0 62ms
31ms Preflight 2606:4700:10::6816:ce1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kriptomat.io/api/v1/apps/web/maintenance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:ce1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://app.kriptomat.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,DELETE,PUT,PATCH
access-control-allow-origin: https://app.kriptomat.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7806670edf479a23-FRA
content-length: 0
date: Wed, 28 Dec 2022 01:08:03 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
966 B 126ms
46ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/js/chunk-vendors.c8a6e5f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f9a887c456f92ae2b2d5950c184dc1fbb3353045691843d99d9254d2ecb98a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Wed, 28 Dec 2022 01:08:02 GMT

GET
H2 200 loader.min.js Show response
api.sardine.ai/assets/ 99 KB
25 KB 115ms
30ms Script
application/javascript 2600:1901:0:c901::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sardine.ai/assets/loader.min.js
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/js/app.702d0b75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:c901:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0cf284c47e76c0d21b6b4ac3a74db2e0a1cef4ffcdee2c78fe5e2cff26adb724

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 00:53:05 GMT
content-encoding: gzip
age: 897
x-guploader-uploadid: ADPycdsg-wh9YHT7BYGHnyZN6XIBFwXhuFApTUr44rbOtSepYsxhAEnSP-2c_T99LZFgVUo2RmuWHz6N4s745MS4EKkxvw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25481
last-modified: Wed, 30 Nov 2022 20:30:14 GMT
server: UploadServer
etag: "6e03e16ef9b8bb9134740729d942374f"
x-goog-hash: crc32c=Txh0Yw==, md5=bgPhbvm4u5E0dAcp2UI3Tw==
x-goog-generation: 1669840213962436
content-language: en
content-type: application/javascript
cache-control: public, max-age=1800,no-transform
x-goog-stored-content-length: 25481
accept-ranges: bytes
expires: Wed, 28 Dec 2022 01:23:05 GMT

GET
H3 200 maintenance Show response
api.kriptomat.io/api/v1/apps/web/ 44 B
330 B 32ms
32ms XHR
application/json 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kriptomat.io/api/v1/apps/web/maintenance

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/js/chunk-vendors.c8a6e5f8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9910394942b1e02ea7377ea57d5b2d9e30301389bb138159b49b076f561c23e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"2c-GruVVSqeDbpeAJUf7x13dK2/v6o"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.kriptomat.io
access-control-allow-credentials: true
cf-ray: 7806670f0f75bbf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/V7D4JNFLCZECZIFZ4UKSD7/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

19ms
18ms

Script
application/javascript

2600:9000:211a:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/
Protocol: HTTP/1.1
Server: 2600:9000:211a:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Amz-Version-Id: CiD7z5Qr2ECIL.Zbw84rFXTGVfvZ9kAA
Date: Tue, 27 Dec 2022 17:57:22 GMT
Via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
Age: 25874
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 01 Dec 2022 00:29:34 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: c-xlIK2wcQV5G_47-4234fsBGV3NTrYEnsXUWCd6_546sBUpfzhCMQ==

Redirect headers

Date: Tue, 27 Dec 2022 20:08:42 GMT
Via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
Age: 17960
X-Amz-Cf-Pop: VIE50-C2
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: AcKdlrFtPAAGoEie_ORZvn70wS8SeqWorq_npWgDM_ZQMlR3jh_sBg==

GET
H2 200 modules.352fddba5b21bbfc3a08.js Show response
script.hotjar.com/ 264 KB
68 KB 57ms
8ms Script
application/javascript 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2571225.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-101.fra6.r.cloudfront.net

Software

Resource Hash

6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 493258
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68894
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
etag: "3256c76707175033b83ffe82f89b32ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 248M2fRxfH6g0dv-0DXtd-G-h1yrHefisIV4Tjql_GfZPNCBq0xmOQ==

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-d/s/0.7.1/ 55 KB
19 KB 13ms
13ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/e9k0c5b4ug
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:02 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0g6eqYwAAAAAnB1ftccn7QLsSav7p7NHlQU1TMDRFREdFMTkwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
etag: "1d913c18f6c839e"
x-azure-ref: 085arYwAAAACtf6rg7+gSRID15esfNJFrRFVTMzBFREdFMDYxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 71ms
6ms Preflight 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://app.kriptomat.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 3310
date: Wed, 28 Dec 2022 01:08:03 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 503
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-hhn-etou8220064-HHN
x-timer: S1672189683.149877,VS0,VE0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
35ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Dec 2022 23:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6206
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 28 Dec 2022 01:24:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 38ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Dec 2022 01:08:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4G3AJcOw9ORsN/0wIu7gVAHWGuKrai1HiVQC1LT2lbN40BAHPEWTIUkrF2OpP48B26rO1CIAT4GJbgnzYyKzOw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 amplitude-7.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 59 KB
19 KB 90ms
19ms Script
application/javascript 13.32.11.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-199.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Referer: https://app.kriptomat.io/
Origin: https://app.kriptomat.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 17:39:55 GMT
content-encoding: gzip
via: 1.1 c8710a117c1dfdaea4e9dfc4d41970d2.cloudfront.net (CloudFront)
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
x-amz-cf-pop: VIE50-C2
age: 2618889
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19222
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
server: AmazonS3
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: XFOn-yBG0an0C0sicKe35f8HSQ3aePZ6DY8l51-bfiSattqXtY1xHA==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 77ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 28 Dec 2022 01:08:02 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A0AA3F2AEC7846F093C3509313CED9C0 Ref B: FRAEDGE1221 Ref C: 2022-12-28T01:08:03Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 176 B
279 B 123ms
123ms XHR
application/json 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

69346971be17b3b83d423fe44bd4c7931a7538af39954245e762a0d5991fcba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-00f874d56cae8d46beeefef0c2a669bd
Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-hhn-etou8220064-HHN
date: Wed, 28 Dec 2022 01:08:03 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=900
server: Kestrel
x-timer: S1672189683.156767,VS0,VE116
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 163ms
48ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.kriptomat.io/
Origin: https://app.kriptomat.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 08:51:11 GMT

OPTIONS
H3 204 en
api.kriptomat.io/api/v1/languages/ Frame 0
0 58ms
40ms Preflight 2606:4700:10::6816:ce1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kriptomat.io/api/v1/languages/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:ce1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://app.kriptomat.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,DELETE,PUT,PATCH
access-control-allow-origin: https://app.kriptomat.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7806670f980b9bb8-FRA
content-length: 0
date: Wed, 28 Dec 2022 01:08:03 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H3 200 logo_full@1,5x.svg
app.kriptomat.io/img/logo/ 8 KB
4 KB 30ms
29ms Image
image/svg+xml 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.kriptomat.io/img/logo/logo_full@1,5x.svg

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9da3db66fc9ca32cb2f3e1593e0ce3122433e5f3803846de4e9f8627e41d5885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1441
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 10:43:13 GMT
server: cloudflare
etag: W/"63a58641-1ee5"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 7806670f7810bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H3 200 en Show response
api.kriptomat.io/api/v1/languages/ 163 KB
33 KB 62ms
60ms XHR
application/json 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kriptomat.io/api/v1/languages/en

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/js/chunk-vendors.c8a6e5f8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9a3e4b7135839f6a2073817eee1c7538d420d71bda0102cf952caecbdf2d7b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: cloudflare
etag: W/"28a54-ZbI+zT7Rimxe+UE2CDqo7QBDbGo"
vary: Origin
x-ratelimit-remaining: 159
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.kriptomat.io
access-control-allow-credentials: true
x-ratelimit-reset: 0
x-ratelimit-limit: 160
cf-ray: 7806670fd886bbf2-FRA

GET
H3 200 languages Show response
api.kriptomat.io/api/v1/ 1 KB
779 B 36ms
36ms XHR
application/json 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kriptomat.io/api/v1/languages

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/js/chunk-vendors.c8a6e5f8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

683aba306e0a396be0811a4f372fef1492c62e8e6e82bae694e401407202cf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: cloudflare
etag: W/"463-Zhq2awCOiT47qoU8xtpdKCh5zcU"
vary: Origin
x-ratelimit-remaining: 159
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.kriptomat.io
access-control-allow-credentials: true
x-ratelimit-reset: 0
x-ratelimit-limit: 160
cf-ray: 7806670fd888bbf2-FRA

OPTIONS
H3 204 languages
api.kriptomat.io/api/v1/ Frame 0
0 60ms
42ms Preflight 2606:4700:10::6816:ce1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.kriptomat.io/api/v1/languages

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:ce1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://app.kriptomat.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,DELETE,PUT,PATCH
access-control-allow-origin: https://app.kriptomat.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7806670f980d9bb8-FRA
content-length: 0
date: Wed, 28 Dec 2022 01:08:03 GMT
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H3 200 en.d75a13ad.svg
app.kriptomat.io/img/ 1003 B
913 B 32ms
31ms Image
image/svg+xml 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.kriptomat.io/img/en.d75a13ad.svg

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/css/app.b3d1a67f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f12dfb5b204a05df755c72a1e18cf1046eacb801b8f37f9d022e08306c2fc7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/css/app.b3d1a67f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 10:43:12 GMT
server: cloudflare
etag: W/"63a58640-3eb"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 7806670f781ebbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v23/ 33 KB
34 KB 116ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500,700&display=swap&subset=cyrillic,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.kriptomat.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 15:30:13 GMT
x-content-type-options: nosniff
age: 293870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34112
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:11:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 15:30:13 GMT

GET
H3 200 icomoon.04669307.ttf
app.kriptomat.io/fonts/ 15 KB
15 KB 30ms
29ms Font
application/octet-stream 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kriptomat.io/fonts/icomoon.04669307.ttf

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/css/app.b3d1a67f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

424698ddba4943ca0a11b0d7854d074448f5c28bf7fa1f8718c6d69957c4caf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.kriptomat.io/css/app.b3d1a67f.css
Origin: https://app.kriptomat.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15100
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 10:43:12 GMT
server: cloudflare
etag: "63a58640-3afc"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7806670f7822bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H3 200 collector.min.c2dd9f3.html Show response
api.sardine.ai/assets/ Frame 1373 201 B
222 B 95ms
29ms Document
text/html 2600:1901:0:c901::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sardine.ai/assets/collector.min.c2dd9f3.html?r=2022-11-30-c2dd9f3
Requested by: Host: api.sardine.ai
URL: https://api.sardine.ai/assets/loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:c901:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e9d3d5b3f41734a7a264e8f3542caa8c200df9e7dc2abc401e60e54f47039437

Request headers

Referer: https://app.kriptomat.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1800,no-transform
content-encoding: gzip
content-language: en
content-length: 193
content-type: text/html
date: Wed, 28 Dec 2022 00:38:32 GMT
etag: "45626ec670ef0bd0e9a95732fc85a9a0"
expires: Wed, 28 Dec 2022 01:08:32 GMT
last-modified: Wed, 30 Nov 2022 20:30:13 GMT
server: UploadServer
x-goog-generation: 1669840213941958
x-goog-hash: crc32c=fSGnZw== md5=RWJuxnDvC9DpqVcy/IWpoA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 193
x-guploader-uploadid: ADPycdthxyQ3r5VfpoD0mUAZKYylNBAxJWPOqaUC1u39_g70Kor0fuHULxfBIPN4mh9a6OoZj0SeCK_hqoS4GL6KKLvwKQ

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 86D4 2 KB
1 KB 59ms
7ms Document
text/html 143.204.215.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2571225.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-65.fra53.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://app.kriptomat.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2147161
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 04:42:02 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-id: aOQ2aJON8MCer5l6nptAsZz1myYVLeiQJDRXkwHWjnM5KEL_FF-gag==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Dec 2022 01:08:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bwX4N+lyyaT+YfYv1fpMo3YL2mO+kf/PhhLmIEPM2drmZnityEgjVU/bd6pzw2+qdP+HkOB1Mk+BTexJU3EXcg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 795249325204550 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 68ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/795249325204550?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35c648714927dcac1e295d710dabf7cf9505616b9d2b51829b9eb7bfdc26f767

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Dec 2022 01:08:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 8RWPPVcJWmN6TU45nznbxmQN+XK3Mx/iTdZWb1RR3LVpSRMnRAUoo3EFnpX36LEFw8ibgh7WxFuCt+mtR4rYKg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 V7D4JNFLCZECZIFZ4UKSD7 Show response
d.adroll.com/consent/check/ 462 B
948 B 142ms
27ms Script
application/javascript 2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/V7D4JNFLCZECZIFZ4UKSD7?pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2F&_s=134884f5ad7fb619166697a8104fe64b&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/V7D4JNFLCZECZIFZ4UKSD7/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 3ecd731c442b47881cd4db79c3fab08ec74e0d69ead07c17a18d8dcee09684c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 462
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H3 200 collector.c2dd9f3.js Show response
api.sardine.ai/assets/ Frame 1373 180 KB
49 KB 30ms
29ms Script
application/javascript 2600:1901:0:c901::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sardine.ai/assets/collector.c2dd9f3.js
Requested by: Host: api.sardine.ai
URL: https://api.sardine.ai/assets/collector.min.c2dd9f3.html?r=2022-11-30-c2dd9f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:c901:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 24202560b07f4d9cbd0b3133b8f7690068c92c80d144e38a163abd8b8e67b8fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.sardine.ai/assets/collector.min.c2dd9f3.html?r=2022-11-30-c2dd9f3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 00:40:40 GMT
content-encoding: gzip
age: 1643
x-guploader-uploadid: ADPycdvrWlmmbZ_wgi25rvYZ_Q456Kv2SGw64R0Z8QRTLYJEscV8SwFvESBtROaLfpmnNajx_D5zuk_fBf-FLCYfaF-goA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50557
last-modified: Wed, 30 Nov 2022 20:30:14 GMT
server: UploadServer
etag: "fceff8a49abc6fa05ae3494f2d76891a"
x-goog-hash: crc32c=aDygPA==, md5=/O/4pJq8b6Ba40lPLXaJGg==
x-goog-generation: 1669840214004769
content-language: en
content-type: application/javascript
cache-control: public, max-age=1800,no-transform
x-goog-stored-content-length: 50557
accept-ranges: bytes
expires: Wed, 28 Dec 2022 01:10:40 GMT

POST
H2 204 collect
j.clarity.ms/ 0
165 B 456ms
203ms Ping
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://app.kriptomat.io
date: Wed, 28 Dec 2022 01:08:02 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
75 KB 185ms
85ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G95CEPBWPW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K735JVZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84c322b585d51086ada92e87050652e3f98c579e6c774e7cd62af8695186b6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77042
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Dec 2022 01:08:03 GMT

GET
H3 200 strong-passwords.svg
app.kriptomat.io/img/icons/ 3 KB
1 KB 36ms
36ms Image
image/svg+xml 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.kriptomat.io/img/icons/strong-passwords.svg

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ec0036ea8dbcb273d884342bb8db9a7266a280905984b10bcc99840e5015bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 10:43:13 GMT
server: cloudflare
etag: W/"63a58641-a3f"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 780667109981bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H3 200 remote-control.svg
app.kriptomat.io/img/icons/ 3 KB
2 KB 27ms
26ms Image
image/svg+xml 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.kriptomat.io/img/icons/remote-control.svg

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98a1342cf88d537df3e90d3cb293ce2ce068f057236dbdda60ed537e9edfc023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 10:43:13 GMT
server: cloudflare
etag: W/"63a58641-d33"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 780667109982bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H3 200 scams.svg
app.kriptomat.io/img/icons/ 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.kriptomat.io/img/icons/scams.svg

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a992905f8ea98f7406d98c171fad25b204700682f0758c71f125f2cb4a7259cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 10:43:13 GMT
server: cloudflare
etag: W/"63a58641-8ba"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 780667109983bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H3 200 never-call.svg
app.kriptomat.io/img/icons/ 3 KB
2 KB 37ms
36ms Image
image/svg+xml 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.kriptomat.io/img/icons/never-call.svg

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21d892cef3db1e9b503a3c90d3676711c1a19baa491798b3c11e2a939354ec93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 10:43:13 GMT
server: cloudflare
etag: W/"63a58641-bc3"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 780667109984bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H3 200 2fa-v2.svg
app.kriptomat.io/img/icons/ 5 KB
2 KB 36ms
35ms Image
image/svg+xml 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.kriptomat.io/img/icons/2fa-v2.svg

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f3b25fefd568c64dd0363a5e91fdfc4e7905c72d788b299a614dfa53c62642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 10:43:13 GMT
server: cloudflare
etag: W/"63a58641-15a2"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 780667109986bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H3 200 bg-r.2bc1f342.png
app.kriptomat.io/img/ 241 KB
242 KB 36ms
36ms Image
image/png 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.kriptomat.io/img/bg-r.2bc1f342.png

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/css/app.b3d1a67f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd0042fa19ffbfa854e1737b713586f6bc7c644dcd8e5d7f15389c3749efb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/css/app.b3d1a67f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=257604, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 247232
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 23 Dec 2022 10:43:12 GMT
server: cloudflare
etag: "63a58640-3ee44"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 780667109987bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H3 200 blue-squares-pattern.svg
app.kriptomat.io/img/ 20 KB
6 KB 35ms
35ms Image
image/svg+xml 2606:4700:10::ac43:9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.kriptomat.io/img/blue-squares-pattern.svg

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8542fb22102820b010f1866980ea4a9b15aa3dda19c597cd48f3df63706bac71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Dec 2022 10:43:12 GMT
server: cloudflare
etag: W/"63a58640-4f79"
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: x-ma-sid,x-ma-bid,uniqueid
cache-control: max-age=86400
permissions-policy: autoplay=(), microphone=(), midi=(), usb=()
vary: Accept-Encoding
cf-ray: 78066710a9a6bbf2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-ma-sid,x-ma-bid,uniqueid,Content-Type,X-PINGOTHER

GET
H2 200 137020993.js Show response
bat.bing.com/p/action/ 3 KB
2 KB 114ms
113ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137020993.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0be211be97803a06a511272c3ed911ad975afa7db8a2fa786b654655ad12c392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 28 Dec 2022 01:08:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BADEB008826646C5B35200178763E396 Ref B: FRAEDGE1221 Ref C: 2022-12-28T01:08:03Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 1447

GET
H2 204 0
bat.bing.com/action/ 0
175 B 35ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137020993&Ver=2&mid=7ea44ec6-0342-460c-af48-3e1345650548&sid=1437b340864c11edb7fe3f05dafcbae3&vid=1437a240864c11eda86ab95301e556ff&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Kriptomat&p=https%3A%2F%2Fapp.kriptomat.io%2Flogin&r=&lt=841&evt=pageLoad&sv=1&rn=781401

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Dec 2022 01:08:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5E5404ACF20842CEBFD44E2C04C4B015 Ref B: FRAEDGE1221 Ref C: 2022-12-28T01:08:03Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/us1-00f874d56cae8d46beeefef0c2a669bd/ 0
58 B 60ms
10ms XHR
text/plain 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/us1-00f874d56cae8d46beeefef0c2a669bd/Forwarding
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-hhn-etou8220056-HHN
date: Wed, 28 Dec 2022 01:08:03 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1672189683.402224,VS0,VE4
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/us1-00f874d56cae8d46beeefef0c2a669bd/ 0
58 B 58ms
9ms XHR
text/plain 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/us1-00f874d56cae8d46beeefef0c2a669bd/Forwarding
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-hhn-etou8220056-HHN
date: Wed, 28 Dec 2022 01:08:03 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1672189683.402204,VS0,VE2
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/us1-00f874d56cae8d46beeefef0c2a669bd/ 0
201 B 57ms
8ms XHR
text/plain 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/us1-00f874d56cae8d46beeefef0c2a669bd/Forwarding
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-hhn-etou8220056-HHN
date: Wed, 28 Dec 2022 01:08:03 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1672189683.402191,VS0,VE2
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 200 / Show response
api2.amplitude.com/ 7 B
206 B 567ms
183ms XHR
text/html 54.200.194.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.200.194.178 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-194-178.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 28 Dec 2022 01:08:03 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-63ab96f3-2d12f9cf1ce3785141868613
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 202 Forwarding Show response
jssdks.mparticle.com/v1/JS/us1-00f874d56cae8d46beeefef0c2a669bd/ 0
58 B 55ms
9ms XHR
text/plain 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/us1-00f874d56cae8d46beeefef0c2a669bd/Forwarding
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-hhn-etou8220056-HHN
date: Wed, 28 Dec 2022 01:08:03 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1672189683.402186,VS0,VE3
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 117ms
45ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2109244378&t=pageview&_s=1&dl=https%3A%2F%2Fapp.kriptomat.io%2Flogin&ul=en-us&de=UTF-8&dt=Kriptomat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=341951318&gjid=2106068520&cid=1462269393.1672189683&tid=UA-112514287-1&_gid=1207041806.1672189683&_r=1&gtm=2oubu0&z=132039068

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.kriptomat.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 113ms
44ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2109244378&t=pageview&_s=1&dl=https%3A%2F%2Fapp.kriptomat.io%2Flogin&ul=en-us&de=UTF-8&dt=Kriptomat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEHAAUABAAAAACAAI~&jid=2113851756&gjid=1207550310&cid=1462269393.1672189683&uid=0&tid=UA-112514287-1&_gid=1207041806.1672189683&_r=1&gtm=2wgbu0K735JVZ&z=2081342657

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.kriptomat.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 110ms
45ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2109244378&t=event&_s=1&dl=https%3A%2F%2Fapp.kriptomat.io%2Flogin&ul=en-us&de=UTF-8&dt=Kriptomat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Other&ea=Login%3A%3AVisit&el=&_u=YEHAAUABAAAAACAAI~&jid=1052551257&gjid=2071865951&cid=1462269393.1672189683&tid=UA-112514287-1&_gid=1207041806.1672189683&_r=1&_slc=1&z=951017259

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.kriptomat.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 108ms
42ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2109244378&t=pageview&_s=2&dl=https%3A%2F%2Fapp.kriptomat.io%2Flogin&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Kriptomat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEHAAUABAAAAACAAI~&jid=&gjid=&cid=1462269393.1672189683&tid=UA-112514287-1&_gid=1207041806.1672189683&gtm=2oubu0&z=1723543923

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80732
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 38ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=795249325204550&ev=PageView&dl=https%3A%2F%2Fapp.kriptomat.io%2Flogin&rl=&if=false&ts=1672189683422&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1672189683421.294399872&it=1672189683168&coo=false&rqm=GET

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Dec 2022 01:08:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 38ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=795249325204550&ev=Login%3A%3AVisit&dl=https%3A%2F%2Fapp.kriptomat.io%2Flogin&rl=&if=false&ts=1672189683423&cd[content_name]=Login%3A%3AVisit&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1672189683421.294399872&it=1672189683168&coo=false&eid=a540b79b-5eba-4e4a-915c-6cc50a7eabc9&rqm=GET

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Dec 2022 01:08:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 24FE 42 KB
22 KB 136ms
55ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVAfwUAAAAAD5mrd1bndx4bMa13XVUSzt7vMGp&co=aHR0cHM6Ly9hcHAua3JpcHRvbWF0LmlvOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=bottomleft&cb=6xxutxgrgsn4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2718d3adf7a46b79c0ac9b709ddc77ec4b47d0bbdd6e9a6df0144ac9892c3ba6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0hjK_c62mFy8qMb-UNSmqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.kriptomat.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22091
content-security-policy: script-src 'report-sample' 'nonce-0hjK_c62mFy8qMb-UNSmqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 01:08:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 8 KB
3 KB 19ms
18ms Script
application/javascript 2600:9000:211a:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/V7D4JNFLCZECZIFZ4UKSD7/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Amz-Version-Id: wG3UJevK_dyyBSOJeVU2_V1xC3jx_aLw
Content-Encoding: gzip
Via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
Date: Tue, 27 Dec 2022 19:45:32 GMT
Age: 19352
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 21:48:50 GMT
Server: AmazonS3
Etag: W/"9f2aa6ae991d93164d9512029d813cad"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: zl87BvyRSND98EiRzu8vrqQndgeiiop_nNkzsC16Q4UNc7BljbleKQ==

GET
H2 200 D4DIZ4MBAVDW7EUQFQX7VC Show response
d.adroll.com/segment/V7D4JNFLCZECZIFZ4UKSD7/ 42 B
946 B 29ms
28ms XHR
image/gif 2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/segment/V7D4JNFLCZECZIFZ4UKSD7/D4DIZ4MBAVDW7EUQFQX7VC?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&cookie=&adroll_s_ref=&keyw=&adroll_external_data=&adroll_version=2.0
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/V7D4JNFLCZECZIFZ4UKSD7/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
x-segment-display-name: User Login
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: o
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.22.0
x-rule: */login
x-segment-eid: A3XIL2UQZZHANDLUTE4ZBB
content-type: image/gif
access-control-allow-origin: https://app.kriptomat.io
access-control-expose-headers: X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-pixel-eid: D4DIZ4MBAVDW7EUQFQX7VC
x-segment-name: 0e7dcc6b
access-control-allow-headers: *
x-advertisable-eid: V7D4JNFLCZECZIFZ4UKSD7
x-conversion-currency: EUR

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7
https://x.bidswitch.net/sync?dsp_id=44&user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk

43 B
345 B

9ms
9ms

Image
image/gif

3.64.108.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: H2
Server: 3.64.108.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-108-88.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk
date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=Td-bgeSP9zBX6V7xKW0OOQ
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=Td-bgeSP9zBX6V7xKW0OOQ&google_tc=
https://d.adroll.com/cm/g/in

42 B
552 B

27ms
26ms

Image
image/gif

2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: H2
Server: 2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:04 GMT
server: nginx/1.22.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&expiration=1703725683
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&expiration=1703725683&C=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&expiration=1703725683&C=1
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Dec 2022 01:08:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 28 Dec 2022 01:08:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=105&external_user_id=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&expiration=1703725683&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&expires=365

0
239 B

45ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&expires=365
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&expires=365
pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7
https://us-u.openx.net/w/1.0/sd?id=537103138&val=4ddf9b81e48ff73057e95ef1296d0e39&gdpr=1&gdpr_consent=

43 B
273 B

139ms
38ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=4ddf9b81e48ff73057e95ef1296d0e39&gdpr=1&gdpr_consent=
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=4ddf9b81e48ff73057e95ef1296d0e39&gdpr=1&gdpr_consent=
pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 108
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&gdpr=1&gdpr_consent=

0
145 B

130ms
18ms

Image
text/plain

20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&gdpr=1&gdpr_consent=
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: HTTP/1.1
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 28 Dec 2022 01:08:03 GMT
Cache-Control: no-cache
X-TraceId: 3775582c4bb86f4225910a96dd88a0f2
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&gdpr=1&gdpr_consent=
pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 121
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
493 B

117ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk

0
90 B

79ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13761

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk
pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7
https://eb2.3lift.com/xuid?mid=4714&xuid=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&dongle=c85e

37 B
140 B

58ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4714&xuid=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&dongle=c85e
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4714&xuid=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&dongle=c85e
pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 102
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&advertisable=V7D4JNFLCZECZIFZ4UKSD7
https://ib.adnxs.com/setuid?entity=172&code=NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk

43 B
1 KB

25ms
25ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Dec 2022 01:08:03 GMT
AN-X-Request-Uuid: 0f69030d-1b07-4031-aef3-51f3be24796a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Dec 2022 01:08:03 GMT
AN-X-Request-Uuid: 5882e8ea-6f17-45b5-b2f0-cfb1597290e4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 D4DIZ4MBAVDW7EUQFQX7VC
ipv4.d.adroll.com/seg4/V7D4JNFLCZECZIFZ4UKSD7/ 42 B
930 B 152ms
31ms Image
image/gif 54.73.160.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/seg4/V7D4JNFLCZECZIFZ4UKSD7/D4DIZ4MBAVDW7EUQFQX7VC?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&cookie=&adroll_s_ref=&keyw=&adroll_external_data=&adroll_version=2.0
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.160.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-160-208.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
x-segment-display-name: User Login
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: o
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.22.0
x-rule: */login
x-segment-eid: A3XIL2UQZZHANDLUTE4ZBB
content-type: image/gif
access-control-allow-origin
access-control-expose-headers: X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-pixel-eid: D4DIZ4MBAVDW7EUQFQX7VC
x-segment-name: 0e7dcc6b
access-control-allow-headers: *
x-advertisable-eid: V7D4JNFLCZECZIFZ4UKSD7
x-conversion-currency: EUR

GET
H2 200 /
d.adroll.com/uev/V7D4JNFLCZECZIFZ4UKSD7/D4DIZ4MBAVDW7EUQFQX7VC/ 2 B
612 B 55ms
52ms Image
text/plain 2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/uev/V7D4JNFLCZECZIFZ4UKSD7/D4DIZ4MBAVDW7EUQFQX7VC/?adroll_fpc=c71a0ec23e7c613f75405d3609062cd9-1672189683456&pv=92171949490.5062&arrfrr=https%3A%2F%2Fapp.kriptomat.io%2Flogin&event_name=productView&adroll_version=2.0
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
x-conversion-value
server: nginx/1.22.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: text/plain
x-event-name: productView
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: D4DIZ4MBAVDW7EUQFQX7VC
x-event-attributes
x-advertisable-eid: V7D4JNFLCZECZIFZ4UKSD7
content-length: 2
x-conversion-currency

GET
H2 200 137020993 Show response
www.clarity.ms/tag/uet/ 1 KB
1 KB 104ms
103ms Script
application/x-javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/137020993
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/137020993.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 93440dec92e49f87948889675b6c50f310ed0807b22ace6bd67e33e587bc3fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 28 Dec 2022 01:08:02 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 085arYwAAAAAqEj13X69XQZUxdQ/pDkl6RFVTMzBFREdFMDYxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 60ms
18ms XHR
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-112514287-1&cid=1462269393.1672189683&jid=341951318&gjid=2106068520&_gid=1207041806.1672189683&_u=YEDAAUAAAAAAACAAI~&z=1113644375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.kriptomat.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 60ms
18ms XHR
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-112514287-1&cid=1462269393.1672189683&jid=2113851756&gjid=1207550310&_gid=1207041806.1672189683&_u=YEHAAUABAAAAACAAI~&z=2014892163

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.kriptomat.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 60ms
19ms XHR
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-112514287-1&cid=1462269393.1672189683&jid=1052551257&gjid=2071865951&_gid=1207041806.1672189683&_u=YEHAAUABAAAAACAAI~&z=2057314942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.kriptomat.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 24FE 52 KB
24 KB 143ms
47ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVAfwUAAAAAD5mrd1bndx4bMa13XVUSzt7vMGp&co=aHR0cHM6Ly9hcHAua3JpcHRvbWF0LmlvOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=bottomleft&cb=6xxutxgrgsn4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:13:07 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 24FE 407 KB
163 KB 167ms
71ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 08:51:11 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 103ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G95CEPBWPW&gtm=2oebu0&_p=2109244378&cid=1462269393.1672189683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=0&sid=1672189683&sct=1&seg=0&dl=https%3A%2F%2Fapp.kriptomat.io%2Flogin&dt=Kriptomat&en=page_view&_fv=2&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G95CEPBWPW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.kriptomat.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112514287-1&cid=1462269393.1672189683&jid=341951318&_u=YEDAAUAAAAAAACAAI~&z=152047470

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 189ms
71ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112514287-1&cid=1462269393.1672189683&jid=341951318&_u=YEDAAUAAAAAAACAAI~&z=152047470

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
25 B 95ms
95ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://app.kriptomat.io
date: Wed, 28 Dec 2022 01:08:02 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112514287-1&cid=1462269393.1672189683&jid=2113851756&_u=YEHAAUABAAAAACAAI~&z=1781485483

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 130ms
72ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112514287-1&cid=1462269393.1672189683&jid=2113851756&_u=YEHAAUABAAAAACAAI~&z=1781485483

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112514287-1&cid=1462269393.1672189683&jid=1052551257&_u=YEHAAUABAAAAACAAI~&z=1852939743

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 153ms
96ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-112514287-1&cid=1462269393.1672189683&jid=1052551257&_u=YEHAAUABAAAAACAAI~&z=1852939743

Requested by

Host: app.kriptomat.io
URL: https://app.kriptomat.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b.png
p.sardine.ai/v1/ Frame 1373 68 B
292 B 441ms
132ms Image
image/png 35.232.130.7
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sardine.ai/v1/b.png?sessionKey=f395b64c-8522-4d6a-82a5-3613730ed82e&clientId=5eaff08d-1b27-4e3b-ac29-fd7f7c2beddc&flow=%2F
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.232.130.7 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 7.130.232.35.bc.googleusercontent.com
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.sardine.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
x-accel-expires: 0
date: Wed, 28 Dec 2022 01:08:04 GMT
content-type: image/png
x-version-id: 44471e9
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-request-id: c1b19243-7e9e-42b4-874a-e693e67eb7d4
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H3 200 events Show response
api.sardine.ai/v1/ Frame 1373 503 B
522 B 328ms
296ms XHR
application/json 2600:1901:0:c901::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sardine.ai/v1/events
Requested by: Host: api.sardine.ai
URL: https://api.sardine.ai/assets/collector.c2dd9f3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:c901:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 8fee58f1578cb8f7b6518592542aee30516d7526ce027a4177637d5a2dc76334

Request headers

Referer: https://api.sardine.ai/assets/collector.min.c2dd9f3.html?r=2022-11-30-c2dd9f3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Dec 2022 01:08:04 GMT
via: 1.1 google
access-control-allow-methods: POST, GET, OPTIONS
x-version-id: 7f55c6f
access-control-allow-origin: https://docs.sardine.ai
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Origin, Content-Type, Accept, Authorization
content-length: 503
x-request-id: 5279582f-4f3d-4da1-893e-58c869810886

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 24FE 2 KB
2 KB 47ms
47ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 15:21:21 GMT
x-content-type-options: nosniff
age: 35202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 03 Jan 2023 15:21:21 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24FE 15 KB
15 KB 108ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 20797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Dec 2023 19:21:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24FE 15 KB
15 KB 112ms
40ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 22096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Dec 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 24FE 102 B
134 B 48ms
48ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVAfwUAAAAAD5mrd1bndx4bMa13XVUSzt7vMGp&co=aHR0cHM6Ly9hcHAua3JpcHRvbWF0LmlvOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=bottomleft&cb=6xxutxgrgsn4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 28 Dec 2022 01:08:03 GMT

GET
H2 200 b31tz438 Show response
widget.intercom.io/widget/ 18 KB
7 KB 449ms
388ms Script
application/javascript 52.84.106.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/b31tz438
Requested by: Host: app.kriptomat.io
URL: https://app.kriptomat.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.106.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-106-92.bud50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8376213bf6f0f72def83b2ab968a0774b034713af47830eecdc75e441bb1bba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: ek5KExvHI.BvxyAq59cvRwh1Xf.Ev15U
content-encoding: gzip
via: 1.1 eb9781eaf534229bf5ad50a1b819581a.cloudfront.net (CloudFront)
date: Wed, 28 Dec 2022 01:00:08 GMT
x-amz-cf-pop: BUD50-C1
age: 590
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6169
last-modified: Thu, 22 Dec 2022 14:57:43 GMT
server: AmazonS3
etag: "dedb187b013d08b7a0a1b185e114c852"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: r1HJ3HI53anv8QX6-o6Wl1BJkWdOsZ1be72K5OCt4-AI5DZLXkX6SQ==

GET
H2 200 in-app-eu.js Show response
assets.customer.io/assets/ 2 KB
1 KB 12ms
12ms Script
application/javascript 2600:9000:2190:4800:11:9cfd:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/in-app-eu.js
Requested by: Host: assets.customer.io
URL: https://assets.customer.io/assets/track-eu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4800:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f85363297fc43de46e4a92e1c9bea9dc6e3395203c27e14224299071b59af52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 17:36:10 GMT
content-encoding: gzip
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 19:01:36 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 27114
etag: W/"0ca5129b65a665128e031a14888c8a06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: SqwA9yVSberIGhd_6azE-QMkbUHbvR6TprXphJlUA8mJwFlRBVgLCg==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=C967E138C2E249EABC5E092F64AFA2F2&RedC=c.clarity.ms&MXFR=3C6C265146D26C92129234D942D2629F
https://c.clarity.ms/c.gif?CtsSyncId=C967E138C2E249EABC5E092F64AFA2F2&MUID=3C4735BC32F068242519273433226923

42 B
367 B

28ms
28ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=C967E138C2E249EABC5E092F64AFA2F2&MUID=3C4735BC32F068242519273433226923
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
last-modified: Mon, 12 Dec 2022 18:28:34 GMT
server: Microsoft-IIS/10.0
etag: "ea79178b57ed91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 28 Dec 2022 01:08:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 75C8ED551EB84681A211EAC87A6533B9 Ref B: FRAEDGE1221 Ref C: 2022-12-28T01:08:04Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=C967E138C2E249EABC5E092F64AFA2F2&MUID=3C4735BC32F068242519273433226923
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

gist.min.js Show response
code.gist.build/web/2.12.0/
Redirect Chain

https://code.gist.build/web/stable/gist.min.js
https://code.gist.build/web/2.12.0/gist.min.js

34 KB
12 KB

24ms
24ms

Script
application/javascript

2606:4700:20::681a:b92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.gist.build/web/2.12.0/gist.min.js

Protocol

Server

2606:4700:20::681a:b92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7585d17b34104c5f70f5234ce0cc2f4f999708dad6f5e404496c966c81013ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000000bdd44fc2-00635a63b1-2ce11a04-ams3b
age: 503
last-modified: Thu, 27 Oct 2022 10:52:21 GMT
server: cloudflare
etag: W/"2b82b2395843a2b15ed22ad4f00c3562"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1666868161.dop203.fr8.t,1666868161.cds057.fr8.hn,1666868161.cds156.fr8.c
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPjkMqt5VoGTqDx8ZZRMgh%2BWIlS%2B1k8HhceomXJGuiyy419wAPiJWKVphMwheJ9q2q9vA%2Fv1ugGGySDD9UJArpGVSsX9%2BlZYiaKMNZRbnp3DU3ihu%2FEDmMQHZjLrUe4MKHE%2ByBgrcdAJOYjOwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-rgw-object-type: Normal
cf-ray: 780667160aed5c5c-FRA

Redirect headers

date: Wed, 28 Dec 2022 01:08:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJCCgNemPOUTIyHuwJTWn3mfutmzLQPbV5DexVPp7SLjIBSfQmzjCMwaBjb9e%2Fw2XedFlIdg3dQsxPIJ6T%2B0kWYhrnFYVtzGdY6h%2F6OWvzbGndMLlV8%2FT5QlJqG2DMRtPOs%2FwyRDW5hgixZn0A%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://code.gist.build/web/2.12.0/gist.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 78066715ead25c5c-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 page.gif
track-eu.customer.io/events/ 35 B
242 B 164ms
42ms Image
image/gif 34.120.129.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-eu.customer.io/events/page.gif?name=https%3A%2F%2Fapp.kriptomat.io%2F&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=6d47d4a9-413d-805f-4c5a-feed42845ec2&site_id=2cf5f71a578a243bba7b&timestamp=1672189684132
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.129.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 162.129.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:04 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2

200

index.html Show response
code.gist.build/renderer/0.0.17/ Frame DD47
Redirect Chain

https://renderer.gist.build/1.0/index.html
https://code.gist.build/renderer/0.0.17/index.html

188 B
873 B

60ms
59ms

Document
text/html

2606:4700:20::681a:b92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.gist.build/renderer/0.0.17/index.html

Requested by

Host: code.gist.build
URL: https://code.gist.build/web/stable/gist.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62ffc5b1e0972c97ec2d31338179fafc14a70d77a53007ad088d6b5ed9408327

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://app.kriptomat.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3475
cf-cache-status: DYNAMIC
cf-ray: 780667168b5a5c5c-FRA
content-encoding: br
content-type: text/html
date: Wed, 28 Dec 2022 01:08:04 GMT
last-modified: Wed, 26 Oct 2022 07:39:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuE12UkHsgjcgrGIM75EiJgQDb0HvW8WJOoHQWeYaT1ebMAzsKbHc6uoe34bHgZwjn9w0%2BFFgaOeMnsyJFW08l0jcvJxu9cJS4vHzo9jJaVvgp%2Bph%2Fce5DHyJJZ5TcdbqmbPO3peKWZ1nrvjAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx0000000000000eeb5eb73-0063ab9677-2f83d257-ams3b
x-hw: 1672189684.dop156.am5.t,1672189684.cds230.am5.hn,1672189684.cds288.am5.c
x-rgw-object-type: Normal
x-sp-metadata: HS256.CITKrp0GEogBCiRmNmY0OWM0ZC0yZjE5LTRiN2QtOTFmOC1hMzk3ZmIwNjI1NGUQiM3874nH+wIaBgj0ra6dBiINMTYyLjE1OC44Ni44NyiK1gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiA5MDU4NWUxNWE0NDEwOWMxZGIxMzI1ODA0MGI3M2EyMBorCAESJGNhMzhmN2EwLWUxYTQtNDk5Yi05YjQxLWM2MGMxNjJiOTA1Mhi8ASIYCAISFGNkczI4OC5hbTUuaHdjZG4ubmV0.vkaq9nbBcz1hwQeXSj4BdGR1JkogFdX+oHBc0005obY=

Redirect headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 780667165b3c5c5c-FRA
date: Wed, 28 Dec 2022 01:08:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://code.gist.build/renderer/0.0.17/index.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYg42KSPllmXqwrHgItMJak%2B4gnXRLuwO9%2B9GRlhHL%2Bp1AFEKs0tRpuhaXcp3K%2BHqfZnCwQC%2B%2Br5o7eHN4I%2BDR4MbB9zJwOUR0b%2FoAQoDEWdHvbOZCPBPMP2TFanSKL%2FNp8OGLkepLbYLgXAdeL5Q7k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 main.dart.js Show response
code.gist.build/renderer/0.0.17/ Frame DD47 2 MB
534 KB 37ms
37ms Script
application/javascript 2606:4700:20::681a:b92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.gist.build/renderer/0.0.17/main.dart.js

Requested by

Host: code.gist.build
URL: https://code.gist.build/renderer/0.0.17/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa7487d6ac118f0ac1eb110afe86080548e760dc6328e7631d87265f74d66ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://code.gist.build/renderer/0.0.17/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005694e5bb-006359038c-2f83d257-ams3b
age: 3481
last-modified: Wed, 26 Oct 2022 07:39:56 GMT
server: cloudflare
etag: W/"c4136b7db6ac049785e2c65fae5f18c8"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1666778007.dop262.am5.t,1666778007.cds276.am5.hn,1666778007.cds155.am5.c
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BRg%2BQxgIbCQK9BqT%2BhqPiGI95xRY8O7BwLV2ZuRDDM5jgMBWtWRGlheTbrf3PeWii%2B718hhoSODFRnC0uaKo1nGbv05awZDMuR%2Fbgh9DOzBFyF1fTBOS2R0WxMigVMqKk2YU0wpb%2B2gec9jMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-rgw-object-type: Normal
cf-ray: 780667170bc35c5c-FRA

GET
H2 200 FontManifest.json Show response
code.gist.build/renderer/0.0.17/assets/ Frame DD47 2 B
830 B 32ms
32ms XHR
application/json 2606:4700:20::681a:b92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.gist.build/renderer/0.0.17/assets/FontManifest.json

Requested by

Host: code.gist.build
URL: https://code.gist.build/renderer/0.0.17/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://code.gist.build/renderer/0.0.17/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005d24c833-0063ab8fa1-334190d1-ams3b
content-length: 2
x-sp-metadata: HS256.CITKrp0GEogBCiRjNTBhZjdkNi0yYTEyLTQ2MDMtYTQ3OC1iYTRhZTA0M2FjMDkQiM3874nH+wIaBgj0ra6dBiINMTYyLjE1OC44Ni44NyiK1gIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiA5MDU4NWUxNWE0NDEwOWMxZGIxMzI1ODA0MGI3M2EyMBoqCAESJGRhNzE5ZTY2LTZmYmYtNDlmMy05ZDA5LTZlNjdkZjM0ZmQxNxgCIhgIAhIUY2RzMzA0LmFtNS5od2Nkbi5uZXQ=.jtEPvxdhSTxs/hEn1KkGovJ8H/muHG9SXA7XAPCABXM=
last-modified: Wed, 26 Oct 2022 07:39:57 GMT
server: cloudflare
etag: "d751713988987e9331980363e24189ce"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1672189684.dop156.am5.t,1672189684.cds230.am5.hn,1672189684.cds304.am5.c
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiDT7e%2Fn0PQW0cu2y2lsAiHsOO%2Ba2iistV8hVIZp9NUh5fxLHi3iecq%2Fww%2F6K%2F6MJcfZ1OAAZIJis8j6LfbFjySRO5%2BHmA%2B5sc0buXz6b63WUjjcAh6scwfCMV3F88%2FcENmmT24LngTKBrzYsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1725
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 780667188d125c5c-FRA

GET
H2 200 frame-modern.84f2c4dc.js Show response
js.intercomcdn.com/ Frame D96C 460 KB
126 KB 91ms
20ms Script
application/javascript 13.32.110.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.84f2c4dc.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/b31tz438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-21.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

30b367f1488f33aa94f6883f8d9f54b01ec5e94b2aca9732b91ac50315ec4a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KBr9tWYu.HnFqRnpF.xT1VrJgTj.bQad
content-encoding: gzip
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
date: Wed, 28 Dec 2022 00:23:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
age: 2695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 127834
last-modified: Thu, 22 Dec 2022 14:56:07 GMT
server: AmazonS3
etag: "ce15b2129758ddd72d5a7a9aea24d1b4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: a1xjSbNbNjjafrDL77lvvkb8sIlKO0N-miWuQ-IeWwxnD3fLyQwS9A==

GET
H2 200 vendor-modern.f25dd2ad.js Show response
js.intercomcdn.com/ Frame D96C 236 KB
73 KB 127ms
56ms Script
application/javascript 13.32.110.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.f25dd2ad.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/b31tz438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-21.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1c43cbb6e3f43bd664d2b7935e1c00d8324c8aebeaa9c6f9f9cdff45cc924536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0wIAmRE7R_Y2ostthhDLvXu6KbHx9ewM
content-encoding: gzip
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
date: Wed, 28 Dec 2022 00:44:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
age: 1395
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74428
last-modified: Thu, 22 Dec 2022 14:56:07 GMT
server: AmazonS3
etag: "33755b7e22d2696a67cc096c468e0ad1"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: oWAFLX7B2W4ydRqJbELXTveQbTxSCs3jmyrR-3sB5voJSf3qwJKMug==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame D96C 6 KB
3 KB 839ms
501ms XHR
application/json 3.93.95.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.84f2c4dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.95.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-95-179.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4b126fca1db8f7c7dbe52034acaae74233c7d381cf4c24739c239174ff8a3eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Dec 2022 01:08:05 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-054b48e626e6a2971
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00373724jc3a3ougcj70
x-runtime: 0.369931
server: nginx
etag: W/"4b126fca1db8f7c7dbe52034acaae742"
x-ratelimit-remaining: 13332
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.kriptomat.io
x-intercom-version: bf3e36ce104081d44937329b19fde07c6fb3ed23
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1672189690
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 94ms
94ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://app.kriptomat.io
date: Wed, 28 Dec 2022 01:08:03 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 18ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=795249325204550&ev=Microdata&dl=https%3A%2F%2Fapp.kriptomat.io%2Flogin&rl=&if=false&ts=1672189684957&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Kriptomat%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1672189683421.294399872&it=1672189683168&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Dec 2022 01:08:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 9384998c5d2600942b5e36cb73b9d50a.jpg
downloads.intercomcdn.com/i/o/303615/ba684b193c14782707b153c3/ 37 KB
33 KB 505ms
277ms Image
image/jpeg 3.33.152.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downloads.intercomcdn.com/i/o/303615/ba684b193c14782707b153c3/9384998c5d2600942b5e36cb73b9d50a.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a69d63ecdf0f33068.awsglobalaccelerator.com

Software

nginx /

Resource Hash

82c3b325b3d79c7be9e6307b86464559cad17836de522f473c3d2c18b3c83869

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.kriptomat.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:06 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-09f8a62b57e72717d
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="9384998c5d2600942b5e36cb73b9d50a.jpg"; filename*=UTF-8''9384998c5d2600942b5e36cb73b9d50a.jpg
x-xss-protection: 1; mode=block
x-request-id: 0038joq6v86kgo0t6u3g
x-runtime: 0.166107
last-modified: Thu, 25 Nov 2021 13:43:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: deny
content-type: image/jpeg
x-intercom-version: bf3e36ce104081d44937329b19fde07c6fb3ed23
cache-control: max-age=86400, private

POST
H2 200 match Show response
api-iam.intercom.io/messenger/web/rulesets/28170702/ Frame D96C 1002 B
1 KB 389ms
389ms XHR
application/json 3.93.95.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/rulesets/28170702/match

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.84f2c4dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.95.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-95-179.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c4c91fc06f3bf7a65c251b4f902f6109f6dceb26a096ef70715ef427a011576f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Dec 2022 01:08:05 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-054b48e626e6a2971
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00392racsvu6leh32f3g
x-runtime: 0.262985
server: nginx
etag: W/"c4c91fc06f3bf7a65c251b4f902f6109"
x-ratelimit-remaining: 13330
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.kriptomat.io
x-intercom-version: bf3e36ce104081d44937329b19fde07c6fb3ed23
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1672189690
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame D96C 4 B
747 B 276ms
276ms XHR
application/json 3.93.95.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.84f2c4dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.95.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-95-179.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Dec 2022 01:08:05 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-054b48e626e6a2971
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 003783tq3go8vsng1m5g
x-runtime: 0.143318
server: nginx
etag: W/"e10808d43975dc400731053386849f86"
x-ratelimit-remaining: 13332
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.kriptomat.io
x-intercom-version: bf3e36ce104081d44937329b19fde07c6fb3ed23
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1672189690
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H3 200 vendors~app~tooltips-modern.41236692.js Show response
js.intercomcdn.com/ Frame D96C 503 KB
97 KB 66ms
19ms Script
application/javascript 13.32.110.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~app~tooltips-modern.41236692.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.84f2c4dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

13.32.110.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-21.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5b96caec3cae326ad60df29c2b9fe66d35da570313947993edc3d099746c5033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Dec 2022 23:08:42 GMT
content-encoding: gzip
x-amz-version-id: MqD1exWuZdWevczfb0MSLhj_PoinA4Qn
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 7164
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 99352
last-modified: Thu, 22 Dec 2022 14:56:07 GMT
server: AmazonS3
etag: "7f0c87671d3360ba843d57612d2b2b55"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: BfM-JD_esOtuyKN6BID74UCuPimQHRTxkoIiufrFHZFberRyfSXMAA==

GET
H3 200 vendors~app-modern.352949ce.js Show response
js.intercomcdn.com/ Frame D96C 45 KB
13 KB 68ms
22ms Script
application/javascript 13.32.110.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~app-modern.352949ce.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.84f2c4dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

13.32.110.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-21.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c26360cf277939bfcba57f0685efd35f7dbd75c35278e3309ee7b6b6d6f456fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Dec 2022 00:44:57 GMT
content-encoding: gzip
x-amz-version-id: pjWHgp.8f6mUZZ5wSXPtXnMtCn8FeDqg
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1390
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12907
last-modified: Thu, 22 Dec 2022 14:56:07 GMT
server: AmazonS3
etag: "44857623fd50cedb2a9007004fc75f46"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 0QOHhY0F12oqwmRAAJDqWuz0TjqNoIefh6SfKClDRsqCOImVJVyq-w==

GET
H3 200 app~tooltips-modern.637d9f80.js Show response
js.intercomcdn.com/ Frame D96C 213 KB
53 KB 68ms
23ms Script
application/javascript 13.32.110.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/app~tooltips-modern.637d9f80.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.84f2c4dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

13.32.110.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-21.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ce9e74f1c75346775317689adec48a90ec695766a4554ad2de27bc022cfb7b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-version-id: bXUR5hOgtrwjVylzmAAaGHfScADJqsL3
date: Wed, 28 Dec 2022 00:59:34 GMT
x-amz-cf-pop: VIE50-C2
age: 513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 53956
last-modified: Thu, 22 Dec 2022 14:56:07 GMT
server: AmazonS3
etag: "dadd64cc6c4a012570637501b70b2163"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: WeVe8p2vM9j9ZKHAkjhU7No3SybW8CAIdMxIpLDNWxd8HIua8TqJRw==

GET
H3 200 app-modern.2a850981.js Show response
js.intercomcdn.com/ Frame D96C 564 KB
144 KB 66ms
22ms Script
application/javascript 13.32.110.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/app-modern.2a850981.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.84f2c4dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

13.32.110.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-21.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e70acab9f5e56a161883b63fc9fb8e5ea1bbc974b650bdfc2d4bfefd22ce799f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-version-id: Xp6AOa3fzdr0.sS3EBC9eBgcK9f7oOjG
date: Tue, 27 Dec 2022 23:57:37 GMT
x-amz-cf-pop: VIE50-C2
age: 4236
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 147403
last-modified: Thu, 22 Dec 2022 14:56:07 GMT
server: AmazonS3
etag: "e4c5f43b7e94fdb17cf2dac11e1a9dda"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: oKXmf0hTkfXhOO_-DOCZC7WhNnJfmB70pHZzPo6R6rRsTPbtyeDg9w==

GET
H3 200 banner-modern.d28ff4b5.js Show response
js.intercomcdn.com/ Frame D96C 12 KB
4 KB 20ms
20ms Script
application/javascript 13.32.110.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/banner-modern.d28ff4b5.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.84f2c4dc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

13.32.110.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-21.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7fff6acf83f4c59116d8a9777d1750b2ada8f0aa983b893a5fe4dc713f015afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-version-id: CLqd_M_Yjmc15xtUaHHI_khkzT_hLscn
date: Wed, 28 Dec 2022 00:20:00 GMT
x-amz-cf-pop: VIE50-C2
age: 2959
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3901
last-modified: Thu, 22 Dec 2022 14:56:07 GMT
server: AmazonS3
etag: "4f5c03460b3e1a9d03f370f103315267"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: fbAPfV02UyHz4otIO3H1hdE7L_THDpkCue9MZVUnuPv0PJpV34iM9Q==

GET
H2 200 9384998c5d2600942b5e36cb73b9d50a.jpg
downloads.intercomcdn.com/i/o/303615/ba684b193c14782707b153c3/ Frame 29D1 37 KB
33 KB 273ms
273ms Image
image/jpeg 3.33.152.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downloads.intercomcdn.com/i/o/303615/ba684b193c14782707b153c3/9384998c5d2600942b5e36cb73b9d50a.jpg

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendors~app~tooltips-modern.41236692.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a69d63ecdf0f33068.awsglobalaccelerator.com

Software

nginx /

Resource Hash

82c3b325b3d79c7be9e6307b86464559cad17836de522f473c3d2c18b3c83869

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:08:06 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-09f8a62b57e72717d
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="9384998c5d2600942b5e36cb73b9d50a.jpg"; filename*=UTF-8''9384998c5d2600942b5e36cb73b9d50a.jpg
x-xss-protection: 1; mode=block
x-request-id: 0038h9qgt24jo642lg40
x-runtime: 0.167258
last-modified: Thu, 25 Nov 2021 13:43:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: deny
content-type: image/jpeg
x-intercom-version: bf3e36ce104081d44937329b19fde07c6fb3ed23
cache-control: max-age=86400, private

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 96ms
95ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://app.kriptomat.io
date: Wed, 28 Dec 2022 01:08:06 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H2 202 events Show response
jssdks.mparticle.com/v3/JS/us1-00f874d56cae8d46beeefef0c2a669bd/ 42 B
180 B 9ms
8ms Fetch
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v3/JS/us1-00f874d56cae8d46beeefef0c2a669bd/events
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-00f874d56cae8d46beeefef0c2a669bd/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 5dc5a77bac6976ad0c0b6f1879a2ff2b7e639c56d76758b3e93daf6bd203e41a

Request headers

Accept: text/plain;charset=UTF-8
Referer: https://app.kriptomat.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-hhn-etou8220056-HHN
date: Wed, 28 Dec 2022 01:08:08 GMT
content-encoding: gzip
via: 1.1 varnish
server: Kestrel
x-timer: S1672189688.352415,VS0,VE2
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G95CEPBWPW&gtm=2oebu0&_p=2109244378&cid=1462269393.1672189683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&uid=0&sid=1672189683&sct=1&seg=0&dl=https%3A%2F%2Fapp.kriptomat.io%2Flogin&dt=Kriptomat&en=scroll&epn.percent_scrolled=90&_et=20

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-20 17:15:25	Name: CLID Value: 440b22239b59448481d45dc8fa08f336.20221228.20231228
.kriptomat.io/	1970-01-20 17:15:25	Name: _clck Value: dgx0l9\|1\|f7s\|0
.bing.com/	1970-01-20 17:51:25	Name: MUID Value: 3C4735BC32F068242519273433226923
.kriptomat.io/	1970-01-20 08:31:16	Name: _uetsid Value: 1437b340864c11edb7fe3f05dafcbae3
.kriptomat.io/	1970-01-20 17:51:25	Name: _uetvid Value: 1437a240864c11eda86ab95301e556ff
.kriptomat.io/	1970-01-20 18:05:49	Name: amp_f6698a Value: ieAaQqmPC-DCYSzia54A4x...1glb4b9ka.1glb4b9km.1.0.1
.app.kriptomat.io/	1970-01-20 18:05:49	Name: _ga Value: GA1.3.1462269393.1672189683
.app.kriptomat.io/	1970-01-20 08:31:16	Name: _gid Value: GA1.3.1207041806.1672189683
.kriptomat.io/	1970-01-20 08:31:16	Name: _gid Value: GA1.2.1207041806.1672189683
.kriptomat.io/	1970-01-20 08:29:49	Name: _gat_gtag_UA_112514287_1 Value: 1
.kriptomat.io/	1970-01-20 08:29:49	Name: _gat_UA-112514287-1 Value: 1
.app.kriptomat.io/	1970-01-20 08:29:49	Name: _gat_mpgaTracker1 Value: 1
.kriptomat.io/	1970-01-20 10:39:25	Name: _fbp Value: fb.1.1672189683421.294399872
.kriptomat.io/	1970-01-20 17:15:25	Name: _hjSessionUser_2571225 Value: eyJpZCI6ImEwZThjZjUyLTlmN2ItNTk3My1hYzY5LTAwYTkzNDEyOWU4MiIsImNyZWF0ZWQiOjE2NzIxODk2ODMyMDYsImV4aXN0aW5nIjpmYWxzZX0=
.kriptomat.io/	1970-01-20 08:29:51	Name: _hjFirstSeen Value: 1
app.kriptomat.io/	1970-01-20 08:29:49	Name: _hjIncludedInSessionSample Value: 0
.kriptomat.io/	1970-01-20 08:29:51	Name: _hjSession_2571225 Value: eyJpZCI6ImQ4MWYxZjdlLWU3YWUtNDgwYi05ZmZmLWNkYjU5ODdmZjIyMSIsImNyZWF0ZWQiOjE2NzIxODk2ODM0MjksImluU2FtcGxlIjpmYWxzZX0=
.kriptomat.io/	1970-01-20 08:29:51	Name: _hjAbsoluteSessionInProgress Value: 0
.app.kriptomat.io/	1970-01-20 17:15:47	Name: __adroll_fpc Value: c71a0ec23e7c613f75405d3609062cd9-1672189683456
.app.kriptomat.io/	1970-01-20 17:15:25	Name: __ar_v4 Value: %7CV7D4JNFLCZECZIFZ4UKSD7%3A20230027%3A1%7CD4DIZ4MBAVDW7EUQFQX7VC%3A20230027%3A1
.bidswitch.net/	1970-01-20 17:15:25	Name: tuuid Value: b6771ca8-ed8b-477c-a3a6-60cf3c6b1572
.bidswitch.net/	1970-01-20 17:15:25	Name: c Value: 1672189683
.bidswitch.net/	1970-01-20 17:15:25	Name: tuuid_lu Value: 1672189683
.adnxs.com/	1970-01-20 10:39:25	Name: uuid2 Value: 6055065206744591236
.casalemedia.com/	1970-01-20 17:15:25	Name: CMID Value: Y6uW8zJlwNjEJzH2KdmODwAA
.casalemedia.com/	1970-01-20 10:39:25	Name: CMPS Value: 3227
.casalemedia.com/	1970-01-20 10:39:25	Name: CMPRO Value: 3227
.pubmatic.com/	1970-01-20 10:39:25	Name: KRTBCOOKIE_10 Value: 22808-NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk&KRTB&22883-NGRkZjliODFlNDhmZjczMDU3ZTk1ZWYxMjk2ZDBlMzk
.pubmatic.com/	1970-01-20 09:13:01	Name: PugT Value: 1672189683
.kriptomat.io/	1970-01-20 18:05:49	Name: _ga_G95CEPBWPW Value: GS1.1.1672189683.1.0.1672189683.0.0.0
.kriptomat.io/	1970-01-20 18:05:49	Name: _ga Value: GA1.1.1462269393.1672189683
.adnxs.com/	1970-01-20 10:39:25	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2In>u:8NS!]tbPl@/@8$-^=$Uf[R8>o/kA><^ifBI8AO:[+4.Il@m%[/^i0`YI0`E?.w(`We=M?n^hw`dZ*9qkTOI3If)y3KL9D3I?+TF0!6>
.kriptomat.io/	1970-01-20 08:31:16	Name: _clsk Value: 1spk8hp\|1672189683900\|2\|1\|j.clarity.ms/collect
.doubleclick.net/	1970-01-20 17:51:25	Name: IDE Value: AHWqTUljD0n0jcT2AuZ83qYGldKG2Gy9DAHH1WzrpslOybwHa-dABuEBTEVE0YSrASk
.d.adroll.com/	1970-01-20 17:58:37	Name: __adroll Value: 4ddf9b81e48ff73057e95ef1296d0e39-g_1672189684-a_1672189683
.adroll.com/	1970-01-20 17:58:37	Name: __adroll_shared Value: 4ddf9b81e48ff73057e95ef1296d0e39-g_1672189684-a_1672189683
.kriptomat.io/	1970-01-20 17:15:25	Name: _cioanonid Value: 6d47d4a9-413d-805f-4c5a-feed42845ec2
api.sardine.ai/	1970-01-20 17:15:25	Name: _immortal\|deviceToken Value: eyJhbGciOiJkaXIiLCJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwidHlwIjoiSldUIn0..XLiX1xSEA8Ug3N0w.K25Pi_kBy9LSaffIv3dwbLch_M4ndPSVLPcL7wKzBHWQ2t-9VmiucgcTl31Ac7LhzLLCRgbhwFdzbNgfN3DpNpgQ7Z9-FR4bD94NVDhYT95kCFxBrQU3wBY0jezjJac1LR83u2eHe-YAp7Y3-we0Q1aQkLWkStpSgt8SC3TR7-O2rbaPVlgxIVnNolf0AIoevA3RZXcHJEFxWXDg7EBoj5FXslfUTM52bA4IRN_fryDBrR70QOLdRWdjfvImu2D2BFmu-wnhwi11tn_9J1AwwI-LCfu-AlRsexSCwvMCNcPtp9A.-_facJy7iO502VGyNmSrSQ
.c.bing.com/	1970-01-20 17:51:25	Name: SRM_B Value: 3C4735BC32F068242519273433226923
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 17:51:25	Name: MUID Value: 3C4735BC32F068242519273433226923
.c.clarity.ms/	1970-01-20 08:29:50	Name: ANONCHK Value: 0
.kriptomat.io/	1970-01-20 14:58:39	Name: intercom-id-b31tz438 Value: 4da9c659-dbdd-44c0-a3f3-9ae3c0bacad5
.kriptomat.io/	1970-01-20 08:39:54	Name: intercom-session-b31tz438 Value:
.kriptomat.io/	1970-01-20 14:58:39	Name: intercom-device-id-b31tz438 Value: 28805675-2437-4b60-a0ce-cd8bfa26cb3c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.kriptomat.io
api.sardine.ai
api2.amplitude.com
app.kriptomat.io
assets.customer.io
bat.bing.com
c.bing.com
c.clarity.ms
cdn.amplitude.com
cm.g.doubleclick.net
code.gist.build
connect.facebook.net
d.adroll.com
downloads.intercomcdn.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gateway.ixopay.com
ib.adnxs.com
identity.mparticle.com
image2.pubmatic.com
ipv4.d.adroll.com
j.clarity.ms
js.intercomcdn.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
p.sardine.ai
pixel.rubiconproject.com
region1.google-analytics.com
renderer.gist.build
s.adroll.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
track-eu.customer.io
us-u.openx.net
vars.hotjar.com
widget.intercom.io
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
region1.google-analytics.com
104.16.204.229
13.248.245.213
13.32.11.199
13.32.110.21
141.226.228.48
142.250.180.194
143.204.215.65
185.64.189.110
185.80.39.216
185.83.142.19
20.13.96.71
20.234.93.27
20.85.30.134
2001:4860:4802:32::36
2600:1901:0:c901::
2600:9000:211a:8000:6:9280:1080:93a1
2600:9000:2190:4800:11:9cfd:9400:93a1
2606:4700:10::6816:ce1
2606:4700:10::ac43:9f7
2606:4700:20::681a:b92
2620:1ec:4e:1::44
2620:1ec:c11::200
2a00:1450:4001:809::200e
2a00:1450:4001:827::2004
2a00:1450:4001:82f::2003
2a00:1450:400d:807::2003
2a00:1450:400d:807::2008
2a00:1450:400d:807::200a
2a00:1450:400d:808::2003
2a00:1450:4025:401::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42::645
2a05:d018:cc3:fe05:3332:9e3a:b8a1:e622
3.33.152.127
3.64.108.88
3.93.95.179
34.120.129.162
34.98.64.218
35.232.130.7
52.84.106.92
54.200.194.178
54.73.160.208
69.173.144.165
99.86.240.11
99.86.4.101
0be211be97803a06a511272c3ed911ad975afa7db8a2fa786b654655ad12c392
0cf284c47e76c0d21b6b4ac3a74db2e0a1cef4ffcdee2c78fe5e2cff26adb724
0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669
18659243781424a608f268a975a7eaf46edde6173b6fa027275717e0c9d528db
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c43cbb6e3f43bd664d2b7935e1c00d8324c8aebeaa9c6f9f9cdff45cc924536
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
21d892cef3db1e9b503a3c90d3676711c1a19baa491798b3c11e2a939354ec93
24202560b07f4d9cbd0b3133b8f7690068c92c80d144e38a163abd8b8e67b8fd
2718d3adf7a46b79c0ac9b709ddc77ec4b47d0bbdd6e9a6df0144ac9892c3ba6
2c87023fcde546904361f333151a1e6fbd5cce2ebb1c324c21768b5cea519aa6
30b367f1488f33aa94f6883f8d9f54b01ec5e94b2aca9732b91ac50315ec4a9b
35c648714927dcac1e295d710dabf7cf9505616b9d2b51829b9eb7bfdc26f767
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ecd731c442b47881cd4db79c3fab08ec74e0d69ead07c17a18d8dcee09684c4
3f9a887c456f92ae2b2d5950c184dc1fbb3353045691843d99d9254d2ecb98a5
424698ddba4943ca0a11b0d7854d074448f5c28bf7fa1f8718c6d69957c4caf3
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b126fca1db8f7c7dbe52034acaae74233c7d381cf4c24739c239174ff8a3eec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5108d26e63e89c83d7636f6f80700ae64aab58fd781deba0cbf2f31352be16fd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
56763ce6107368c593b99329393e20b4986c86b98e1b027b3699c3caac197294
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b96caec3cae326ad60df29c2b9fe66d35da570313947993edc3d099746c5033
5dc5a77bac6976ad0c0b6f1879a2ff2b7e639c56d76758b3e93daf6bd203e41a
5ec0036ea8dbcb273d884342bb8db9a7266a280905984b10bcc99840e5015bf2
62ffc5b1e0972c97ec2d31338179fafc14a70d77a53007ad088d6b5ed9408327
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
67f3b25fefd568c64dd0363a5e91fdfc4e7905c72d788b299a614dfa53c62642
683aba306e0a396be0811a4f372fef1492c62e8e6e82bae694e401407202cf28
69346971be17b3b83d423fe44bd4c7931a7538af39954245e762a0d5991fcba7
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
6bd0042fa19ffbfa854e1737b713586f6bc7c644dcd8e5d7f15389c3749efb22
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
6f85363297fc43de46e4a92e1c9bea9dc6e3395203c27e14224299071b59af52
7585d17b34104c5f70f5234ce0cc2f4f999708dad6f5e404496c966c81013ab3
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
7a7eecafc617b13f7c9157bd1b10bbda1885dc007818b0d067bec075d07eab4d
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7f25533614e2109c3b84c0e40cb715840772537fbeb6190e7587e8f509466e10
7fff6acf83f4c59116d8a9777d1750b2ada8f0aa983b893a5fe4dc713f015afe
82c3b325b3d79c7be9e6307b86464559cad17836de522f473c3d2c18b3c83869
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8376213bf6f0f72def83b2ab968a0774b034713af47830eecdc75e441bb1bba9
84c322b585d51086ada92e87050652e3f98c579e6c774e7cd62af8695186b6a7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8542fb22102820b010f1866980ea4a9b15aa3dda19c597cd48f3df63706bac71
8fee58f1578cb8f7b6518592542aee30516d7526ce027a4177637d5a2dc76334
93440dec92e49f87948889675b6c50f310ed0807b22ace6bd67e33e587bc3fb1
98a1342cf88d537df3e90d3cb293ce2ce068f057236dbdda60ed537e9edfc023
9910394942b1e02ea7377ea57d5b2d9e30301389bb138159b49b076f561c23e4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3e4b7135839f6a2073817eee1c7538d420d71bda0102cf952caecbdf2d7b50
9da3db66fc9ca32cb2f3e1593e0ce3122433e5f3803846de4e9f8627e41d5885
a33970a7ec995d405b6ed74dd2b4f9cc72df287c7ebac1eb7efc9a4b18069927
a6866371b2a6b90fc98b9cc24770e4286cf3ab9cb1d2031dfb397e90f22b9f76
a992905f8ea98f7406d98c171fad25b204700682f0758c71f125f2cb4a7259cf
aa7487d6ac118f0ac1eb110afe86080548e760dc6328e7631d87265f74d66ad8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b059d06f8e3489d45f52e9051b1d6ec3dd3d2f60329c07fea4282afc9e40e375
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1754748fd1f1fa7cfabfe2fbe0d16d55094cb04146fa858cd6a431ad22810e8
c26360cf277939bfcba57f0685efd35f7dbd75c35278e3309ee7b6b6d6f456fc
c4c91fc06f3bf7a65c251b4f902f6109f6dceb26a096ef70715ef427a011576f
c52db0c951b288ebc1a4d26f52a202a6f72b7d1c080b044c0d239be29d4134c1
c6e53eab13384144031ae9fff7c5666badde9d2b4676b8b44d7254cbe6f390b6
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
ce9e74f1c75346775317689adec48a90ec695766a4554ad2de27bc022cfb7b27
d597defd381012a8d136bd0b552f2463ad9f8bb648622dd522b6f96265f3ad16
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70acab9f5e56a161883b63fc9fb8e5ea1bbc974b650bdfc2d4bfefd22ce799f
e9d3d5b3f41734a7a264e8f3542caa8c200df9e7dc2abc401e60e54f47039437
ed05e2f73f56d30b6806224942048206bb12f437768bfe286a98716f28f5cb27
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f12dfb5b204a05df755c72a1e18cf1046eacb801b8f37f9d022e08306c2fc7be
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fd715da232d93d90a74dad8232de2b6ccb87571bde67e6e634e189205f0657ee

app.kriptomat.io Open in urlscan Pro 2606:4700:10::ac43:9f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

89 %HTTPS

47 %IPv6

31 Domains

50 Subdomains

47 IPs

7 Countries

4010 kBTransfer

12738 kBSize

45 Cookies

3 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.kriptomat.io Open in urlscan Pro
2606:4700:10::ac43:9f7 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

89 %
HTTPS

47 %
IPv6

31
Domains

50
Subdomains

47
IPs

7
Countries

4010 kB
Transfer

12738 kB
Size

45
Cookies

125 HTTP transactions
0 data transactions